From f24eb27bef4ecbb9b7d1702d9a10fcdba913300c Mon Sep 17 00:00:00 2001
From: Salar Rahmanian
Date: Sat, 17 Feb 2024 09:37:00 -0800
Subject: [PATCH 1/2] cors and security fixes
---
 config.toml | 2 +-
 static/_headers | 5 +++++
 2 files changed, 6 insertions(+), 1 deletion(-)
 create mode 100644 static/_headers
diff --git a/config.toml b/config.toml
index 401f6f3..ad22981 100644
--- a/config.toml
+++ b/config.toml
@@ -197,7 +197,7 @@ copyright = "© $CURRENT_YEAR $AUTHOR $SEPARATOR Unless otherwise noted, the con
 allowed_domains = [
 { directive = "font-src", domains = ["'self'", "data:"] },
 { directive = "img-src", domains = ["'self'", "https://*", "data:"] },
- { directive = "script-src", domains = ["'self'", "https://comments.softinio.com/js/embed.min.js"] },
+ { directive = "script-src", domains = ["'self'", "https://comments.softinio.com/js/embed.min.js", "https://static.cloudflareinsights.com/beacon.min.js"] },
 { directive = "style-src", domains = ["'self'"] },
 { directive = "frame-src", domains = ["player.vimeo.com", "https://www.youtube-nocookie.com", "https://watch.softinio.com", "https://notes.softinio.com/embed"] },
 ]
diff --git a/static/_headers b/static/_headers
new file mode 100644
index 0000000..063c000
--- /dev/null
+++ b/static/_headers
@@ -0,0 +1,5 @@
+https://comments.softinio.com
+ Access-Control-Allow-Origin: https://comments.softinio.com
+https://www.softinio.com
+ Access-Control-Allow-Origin: https://www.softinio.com
+
--
2.46.0
From af4afc4f739a2659069b35709eebd4ac10591a31 Mon Sep 17 00:00:00 2001
From: Salar Rahmanian
Date: Sat, 17 Feb 2024 10:23:30 -0800
Subject: [PATCH 2/2] Cors and preview environment updates
---
 .woodpecker.yml | 6 ++++--
 config.toml | 2 +-
 flake.nix | 2 +-
 static/_headers | 6 ++----
 4 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/.woodpecker.yml b/.woodpecker.yml
index a713eef..a5c6981 100644
--- a/.woodpecker.yml
+++ b/.woodpecker.yml
@@ -3,13 +3,15 @@ steps:
 image: nixos/nix
 commands:
 - echo 'experimental-features = flakes nix-command' >> /etc/nix/nix.conf
+ - nix profile install nixpkgs#gnused --impure
+ - sed -i "s|base_url = \"https://www.softinio.com\"|base_url = \"https://$CI_COMMIT_BRANCH.softinio.com\"|" ./config.toml
 - nix build
 - nix flake show
 - ls result
- - nix develop --command wrangler pages deploy result --branch=$CI_COMMIT_SOURCE_BRANCH --project-name=softinio --commit-dirty=true
+ - nix develop --command wrangler pages deploy result --branch=$CI_COMMIT_BRANCH --project-name=softinio --commit-dirty=true
 secrets: [ cloudflare_account_id, cloudflare_api_token ]
 when:
- event: [push, pull_request]
+ event: [push]
 branch:
 exclude: [ main ]
diff --git a/config.toml b/config.toml
index ad22981..7626d44 100644
--- a/config.toml
+++ b/config.toml
@@ -197,7 +197,7 @@ copyright = "© $CURRENT_YEAR $AUTHOR $SEPARATOR Unless otherwise noted, the con
 allowed_domains = [
 { directive = "font-src", domains = ["'self'", "data:"] },
 { directive = "img-src", domains = ["'self'", "https://*", "data:"] },
- { directive = "script-src", domains = ["'self'", "https://comments.softinio.com/js/embed.min.js", "https://static.cloudflareinsights.com/beacon.min.js"] },
+ { directive = "script-src", domains = ["'self'", "https://comments.softinio.com/js/embed.min.js", "https://static.cloudflareinsights.com"] },
 { directive = "style-src", domains = ["'self'"] },
 { directive = "frame-src", domains = ["player.vimeo.com", "https://www.youtube-nocookie.com", "https://watch.softinio.com", "https://notes.softinio.com/embed"] },
 ]
diff --git a/flake.nix b/flake.nix
index f68a449..2832b3d 100644
--- a/flake.nix
+++ b/flake.nix
@@ -31,7 +31,7 @@
 ln -snf "${theme}" "themes/${themeName}"
 '';
 buildPhase = ''
- zola build
+ zola build -f
 '';
 installPhase = ''
 mkdir -p $out
diff --git a/static/_headers b/static/_headers
index 063c000..1e14ac6 100644
--- a/static/_headers
+++ b/static/_headers
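Review bot: `$CI_COMMIT_BRANCH` is used unquoted and unsanitised in both the added `sed` replacement and the `wrangler pages deploy --branch=` argument, in a step that holds `cloudflare_api_token`. Git permits `/`, `|` and `&` in branch names, so a branch such as `feature/x` yields a `base_url` that is not a valid hostname, and a `|` or `&` changes the sed expression instead of being inserted literally. Deriving a DNS-safe label once, for example `slug=$(printf '%s' "$CI_COMMIT_BRANCH" | tr -c 'a-zA-Z0-9' '-')`, then using `$slug` in the `base_url` substitution (this assumes the commands share one shell) keeps the value inert. The deploy argument should also be quoted as `--branch="$CI_COMMIT_BRANCH"`. The step this hunk edits is named above the hunk, so its start is not visible here.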
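Review bot: Replacing `https://static.cloudflareinsights.com/beacon.min.js` with the bare host in the `script-src` entry widens the allowance from one file to every script served from that host. If the exact-path entry was failing because the beacon is requested under a versioned sub-path (not visible in this patch), a source ending in a slash, `"https://static.cloudflareinsights.com/beacon.min.js/"`, is matched by CSP as a path prefix and stays narrower than the whole host. A one-line comment above the entry saying why the host-wide form is needed would help the next reader. The table that contains `allowed_domains` starts outside the hunk.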
@@ -1,5 +1,3 @@
-https://comments.softinio.com
- Access-Control-Allow-Origin: https://comments.softinio.com
-https://www.softinio.com
- Access-Control-Allow-Origin: https://www.softinio.com
+/*
+ Access-Control-Allow-Origin: https://www.softinio.com https://comments.softinio.com https://*.softinio.pages.dev
--
2.46.0
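Review bot: The added `Access-Control-Allow-Origin` line lists three origins separated by spaces, one with a wildcard label (`https://*.softinio.pages.dev`). The header accepts only a single origin, `*` or `null`, so browsers will match none of the three and every cross-origin read fails. A static `_headers` file cannot echo the request's `Origin`, so either name the one origin that needs access, e.g. `Access-Control-Allow-Origin: https://comments.softinio.com`, or set the header from code that checks `Origin` against the allow-list and adds `Vary: Origin`. The `/*` rule also attaches the header to every path on the site.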